CVE-2021-42066
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-42066
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the network, which should otherwise be encrypted. For an attacker to discover vulnerable function in-depth application knowledge is required, but once exploited the attacker may be able to completely compromise confidentiality, integrity, and availability of the application.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
敏感数据的明文存储
Source: NVD (National Vulnerability Database)
Vulnerability Title
SAP Business One 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SAP Business One是德国思爱普(SAP)公司的一套企业管理软件。该软件包括财务管理、运营管理和人力资源管理等功能。 SAP Business One - 10.0 版存在安全漏洞,该漏洞允许管理员用户通过网络以纯文本形式查看数据库密码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| SAP SE | SAP Business One | < 10.0 | - |
II. Public POCs for CVE-2021-42066
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-42066
请登录查看更多情报信息。
- https://launchpad.support.sap.com/#/notes/3101299x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2021-42066
Same Patch Batch · SAP SE · 2021-12-14 · 12 CVEs total
| CVE-2021-44231 | Adobe After Effects 代码注入漏洞 | |
| CVE-2021-44233 | SAP GRC Access Control 安全漏洞 | |
| CVE-2021-44235 | SAP NetWeaver AS 操作系统命令注入漏洞 | |
| CVE-2021-44232 | SAP SAF-T 路径遍历漏洞 | |
| CVE-2021-42063 | SAP Knowledge Warehouse 跨站脚本漏洞 | |
| CVE-2021-42069 | SAP 3D Visual Enterprise Viewer 缓冲区错误漏洞 | |
| CVE-2021-38182 | kyma 输入验证错误漏洞 | |
| CVE-2021-42064 | SAP Commerce SQL注入漏洞 | |
| CVE-2021-42070 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 | |
| CVE-2021-42068 | SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 | |
| CVE-2021-42061 | SAP BusinessObjects Business Intelligence Platform 跨站脚本漏洞 |
IV. Related Vulnerabilities
Same product: SAP Business One
Same vendor: SAP SE
- CVE-2025-42956
Multiple vulnerabilities in SAP NetWeaver Application Server - CVE-2023-36920
Clickjacking vulnerability in SAP Enable Now - CVE-2023-40307
Privileges Memory Corruption (Out-of-bound write) - CVE-2023-40306
URL Redirection vulnerability in SAP S/4HANA (Manage Catalog - CVE-2022-41211
SAP 3D Visual Enterprise Viewer和SAP 3D Visual Enterprise Aut
Same weakness: CWE-312
- CVE-2026-7163
Assisted-service: assisted-service: authenticated users can - CVE-2026-41385
OpenClaw < 2026.3.31 - Nostr Private Key Exposure via config - CVE-2026-6553
TYPO3 CMS Stores Cleartext Password in User Settings Module - CVE-2026-35644
OpenClaw < 2026.3.22 - Credential Exposure via baseUrl Field - CVE-2025-14815
Information Disclosure, Tampering, and Denial-of-Service Vul
V. Comments for CVE-2021-42066
No comments yet